<?php
include 'incl/Dao/DbCommon.php';
include 'incl/Com/CommonUtility.php';
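class User {

	// Declared by the original class. None of the methods below read or write
	// them; every call creates its own local DbCommon instance.
	private $_connected;
	private $_db;

	/**
	 * Inserts a new, inactive (IS_ACTIVE = '0') row into TBUSER.
	 *
	 * Every argument is required; if CommonUtility::StringIsEmptyOrNull()
	 * reports any of them as empty, nothing is executed and false is returned.
	 *
	 * NOTE(review): the password is stored as an unsalted MD5 hex digest, which
	 * is not a suitable password hash. It is kept so stored values stay
	 * compatible with whatever code verifies logins (not visible here); migrate
	 * both sides to password_hash()/password_verify() and confirm the column is
	 * wide enough for the new hashes.
	 * NOTE(review): SEC_ANSWER is stored exactly as supplied. It works like a
	 * second password for account recovery, so consider hashing it as well.
	 *
	 * @param string $account  Value for USER_ACCOUNT.
	 * @param string $password Clear-text password; only its digest is stored.
	 * @param string $email    Value for USER_EMAIL.
	 * @param string $question Value for SEC_QUESTION.
	 * @param string $answer   Value for SEC_ANSWER.
	 * @return mixed Result of DbCommon::ExecuteQuery(), or false when an argument is empty.
	 */
	function Create($account,$password,$email,$question,$answer) {
		if (self::AnyEmpty(array($account, $email, $password, $question, $answer))) {
			return false;
		}

		$register_date = date("Y-m-d H:i:s");

		// The original passed an undefined variable as md5()'s second argument;
		// that evaluated to the default hex output, so md5($password) yields
		// the same stored value without the notice.
		$values = array(
			self::SqlLiteral($account),
			self::SqlLiteral(md5($password)),
			self::SqlLiteral($email),
			self::SqlLiteral($question),
			self::SqlLiteral($answer),
			self::SqlLiteral($register_date),
			"'0'",
		);

		$sql = "INSERT INTO TBUSER(USER_ACCOUNT,USER_PASSWORD,USER_EMAIL,SEC_QUESTION,SEC_ANSWER,REGISTER_DATE,IS_ACTIVE)"
			. " VALUES(" . implode(",", $values) . ");";

		return $this->Execute($sql);
	}

	/**
	 * Deletes the TBUSER row whose USER_ID equals $account_id.
	 *
	 * @param string $account_id Value matched against USER_ID.
	 * @return mixed Result of DbCommon::ExecuteQuery(), or false when $account_id is empty.
	 */
	function Remove($account_id){
		if (self::AnyEmpty(array($account_id))) {
			return false;
		}

		// The original joined the pieces with "+", which is numeric addition in
		// PHP, so the DELETE statement was never assembled as intended.
		$sql = "DELETE FROM TBUSER WHERE USER_ID=" . self::SqlLiteral($account_id) . ";";

		return $this->Execute($sql);
	}

	/**
	 * Replaces USER_PASSWORD for the given USER_ID with the digest of $newPassword.
	 *
	 * NOTE(review): uses the same unsalted MD5 digest as Create(); change both
	 * together with the login check when moving to password_hash().
	 *
	 * @param string $newPassword Clear-text password; only its digest is stored.
	 * @param string $account_id  Value matched against USER_ID.
	 * @return mixed Result of DbCommon::ExecuteQuery(), or false when an argument is empty.
	 */
	function UpdatePassword($newPassword,$account_id){
		if (self::AnyEmpty(array($newPassword, $account_id))) {
			// The original returned an uninitialised variable on this path.
			return false;
		}

		// "+" replaced by ".", and the stray "FROM TBUSER" dropped so the
		// statement is a plain single-table UPDATE like UpdateQuestionAndAnswer().
		$sql = "UPDATE TBUSER SET USER_PASSWORD=" . self::SqlLiteral(md5($newPassword))
			. " WHERE USER_ID=" . self::SqlLiteral($account_id) . ";";

		return $this->Execute($sql);
	}

	/**
	 * Replaces USER_EMAIL for the given USER_ID.
	 *
	 * @param string $newEmail   New value for USER_EMAIL.
	 * @param string $account_id Value matched against USER_ID.
	 * @return mixed Result of DbCommon::ExecuteQuery(), or false when an argument is empty.
	 */
	function UpdateEmail($newEmail,$account_id){
		if (self::AnyEmpty(array($newEmail, $account_id))) {
			return false;
		}

		$sql = "UPDATE TBUSER SET USER_EMAIL=" . self::SqlLiteral($newEmail)
			. " WHERE USER_ID=" . self::SqlLiteral($account_id) . ";";

		return $this->Execute($sql);
	}

	/**
	 * Replaces SEC_QUESTION and SEC_ANSWER for the given USER_ID.
	 *
	 * @param string $newQuestion New value for SEC_QUESTION.
	 * @param string $newAnswer   New value for SEC_ANSWER (stored as supplied).
	 * @param string $account_id  Value matched against USER_ID.
	 * @return mixed Result of DbCommon::ExecuteQuery(), or false when an argument is empty.
	 */
	function UpdateQuestionAndAnswer($newQuestion,$newAnswer,$account_id){
		if (self::AnyEmpty(array($newQuestion, $newAnswer, $account_id))) {
			return false;
		}

		$sql = "UPDATE TBUSER SET SEC_QUESTION=" . self::SqlLiteral($newQuestion)
			. ", SEC_ANSWER=" . self::SqlLiteral($newAnswer)
			. " WHERE USER_ID=" . self::SqlLiteral($account_id) . ";";

		return $this->Execute($sql);
	}

	/**
	 * Tells whether CommonUtility::StringIsEmptyOrNull() flags any of the values.
	 *
	 * @param array $values Values to check.
	 * @return bool True as soon as one value is reported empty.
	 */
	private static function AnyEmpty(array $values) {
		foreach ($values as $value) {
			if (CommonUtility::StringIsEmptyOrNull($value)) {
				return true;
			}
		}
		return false;
	}

	/**
	 * Wraps a value in single quotes for embedding in a SQL statement, doubling
	 * every backslash and single quote so the value cannot end the literal early.
	 *
	 * NOTE(review): this is a stopgap because DbCommon only shows a
	 * string-taking ExecuteQuery() here. The escaping is byte-wise and assumes a
	 * connection charset (such as UTF-8) whose multi-byte sequences never
	 * contain quote or backslash bytes; confirm that. On engines that do not
	 * treat backslash as an escape, a backslash in the value is stored doubled.
	 * The durable fix is bound parameters / prepared statements inside DbCommon.
	 *
	 * @param mixed $value Value to embed; cast to string.
	 * @return string Quoted literal including the surrounding single quotes.
	 */
	private static function SqlLiteral($value) {
		$escaped = str_replace(array("\\", "'"), array("\\\\", "''"), (string) $value);
		return "'" . $escaped . "'";
	}

	/**
	 * Runs one statement through a fresh DbCommon, as each original method did.
	 *
	 * @param string $sql Complete SQL statement.
	 * @return mixed Whatever DbCommon::ExecuteQuery() returns.
	 */
	private function Execute($sql) {
		$db = new DbCommon();
		return $db->ExecuteQuery($sql);
	}
}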
?>